A decidedly not cool move by Apple here. Note that Apple is not rejecting Dropbox and Rdio API integration as a whole (that’s front page, “bring the pitchforks” kind of news); instead it’s about the way their APIs authorize users. In particular:
If the user does not have Dropbox application installed then the linking authorization is done through Safari (as per latest SDK).
Once the user is in Safari it is possible for the user to click “Desktop version” and navigate to a place on Dropbox site where it is possible to purchase additional space.
Apple views this as “sending user to an additional purchase” which is against rules.
This is a stretch, at best. As the cloud storage wars among these big players heat up, this kind of sidestepping by Apple looks especially shady.
Update: A lot of other bloggers have pointed out that Apple’s 11.13 rule that restricts external purchases has been around for a while. Others say it’s a simple fix on Dropbox’s part. I think both, while true, somewhat miss the point. First, it appears Facebook Connect is in a similar predicament for authentication (you get bounced to a web page where it’s possible after several clicks to purchase or sign up), yet didn’t get rejected, which implies Dropbox is being treated differently. In addition, just asking Dropbox to fix or patch doesn’t excuse overzealousness on Apple’s part.
Bottom line, it’s one thing to reject an authentication web page that has a direct buy/sign up link on the first page – I see Apple’s concern there – but it’s another to reject sign up/buy several clicks away.